Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a84526d7-5029-439b-9e16-14cd601eb5a1.roa
File: a84526d7-5029-439b-9e16-14cd601eb5a1.roa (raw, json)
Hash identifier: mXN+vTUjKA3hBVMmEPj6U7C5QqA3V9O+evqqEWM06Cw=
Subject key identifier: EE:EF:46:7E:F0:67:A6:6F:D1:18:50:92:27:15:81:F4:ED:38:03:F8
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 650677E2E5F0F156AEE148961BC93F3EF99DF2B1
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a84526d7-5029-439b-9e16-14cd601eb5a1.roa
Signing time: Tue 21 Oct 2025 14:40:01 +0000
ROA not before: Tue 21 Oct 2025 14:40:01 +0000
ROA not after: Tue 25 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d000:6080::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 28 Oct 2025 21:56:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
65:06:77:e2:e5:f0:f1:56:ae:e1:48:96:1b:c9:3f:3e:f9:9d:f2:b1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Oct 21 14:40:01 2025 GMT
Not After : Nov 25 23:59:59 2025 GMT
Subject: serialNumber=83285c4baa2e68213afa48ec96a94dc02be11e71bd5d32a9ebbbb87e51c6b966, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:7f:16:bb:d7:38:58:94:c6:3c:c6:24:49:bc:
2f:5c:98:5a:1d:99:69:ba:4e:0e:12:26:4d:5f:08:
9a:f6:54:1e:0d:01:90:19:d0:44:b4:55:32:04:74:
cf:33:e1:7d:bf:81:a4:2d:38:0d:b7:1b:38:e4:91:
87:a2:18:cf:25:f3:27:35:4c:d9:f9:a9:10:01:38:
28:73:d0:9c:f0:53:7c:06:b1:fb:65:63:64:23:40:
67:37:20:b7:1b:89:17:44:b6:bf:0f:66:07:47:1f:
54:64:5e:d5:9a:f2:cc:12:49:90:7d:5e:50:48:0f:
55:50:8e:9a:de:12:c9:6b:54:6f:b2:b9:f4:99:dd:
12:05:80:3c:d5:35:e0:14:06:07:dc:92:3a:0d:ab:
56:f1:23:0c:e1:21:26:b6:0c:f0:0f:0f:7b:89:03:
b9:26:8d:2c:e7:98:95:9e:b6:e7:c1:ef:be:02:b2:
72:00:fa:1b:60:39:62:a8:4d:48:e8:f1:b3:53:bb:
e6:c0:33:b4:3c:04:ad:3c:7e:d9:78:16:ce:ec:2a:
c7:0d:4b:74:72:26:01:21:f6:39:56:21:c7:8b:72:
97:a3:4f:a4:d3:0b:22:7a:53:23:66:1e:e2:77:c7:
02:fc:bb:97:0d:14:72:50:bc:78:5a:ea:99:1d:e5:
54:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EE:EF:46:7E:F0:67:A6:6F:D1:18:50:92:27:15:81:F4:ED:38:03:F8
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a84526d7-5029-439b-9e16-14cd601eb5a1.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d000:6080::/48
Signature Algorithm: sha256WithRSAEncryption
5a:73:d2:2f:b4:a8:0e:2a:5d:73:06:65:b9:93:1c:ae:d2:de:
6b:57:95:d6:00:3f:0d:b6:57:df:b9:fe:74:1f:2a:20:a9:76:
50:b8:d8:7b:3c:99:e8:89:e1:5d:b5:33:6a:0a:eb:09:ab:53:
0f:39:c2:e6:fd:57:4c:fd:f2:ab:8c:93:f1:b9:da:de:12:84:
29:57:3b:7e:d9:06:ae:ff:07:2b:e7:d0:36:6c:e2:09:d5:4a:
fb:93:6b:a5:13:60:70:e8:09:9e:fb:27:54:c3:a8:cd:16:57:
0d:ff:8d:2a:6b:06:3c:06:75:e0:c9:65:07:a9:92:4d:92:95:
e9:85:5f:c1:19:3b:53:95:bd:7a:1e:69:38:24:75:64:c2:60:
0f:92:6f:c0:5b:b2:8f:94:5a:9f:2b:b7:fd:17:e2:5b:b4:4f:
c7:18:6c:15:17:91:a9:99:a8:e8:ad:f0:30:d8:c2:f3:d3:d0:
52:6e:c1:19:e9:a3:82:2e:b1:b5:03:ee:6d:a9:90:a6:cc:30:
49:a6:d4:e9:78:97:f1:1f:ef:9f:74:25:93:2a:b2:37:00:f6:
1d:44:48:e8:ea:81:46:2c:f4:11:03:45:f5:fe:3c:fd:4b:c0:
0f:2d:f8:10:59:18:a5:8e:e4:3a:7c:42:cd:63:2f:29:cd:01:
33:2a:48:a7
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUZQZ34uXw8Vau4UiWG8k/Pvmd8rEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTEwMjExNDQwMDFaFw0yNTExMjUyMzU5NTlaMHoxSTBHBgNV
BAUTQDgzMjg1YzRiYWEyZTY4MjEzYWZhNDhlYzk2YTk0ZGMwMmJlMTFlNzFiZDVk
MzJhOWViYmJiODdlNTFjNmI5NjYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMd/FrvXOFiUxjzGJEm8L1yYWh2ZabpODhImTV8ImvZUHg0BkBnQRLRVMgR0
zzPhfb+BpC04DbcbOOSRh6IYzyXzJzVM2fmpEAE4KHPQnPBTfAax+2VjZCNAZzcg
txuJF0S2vw9mB0cfVGRe1ZryzBJJkH1eUEgPVVCOmt4SyWtUb7K59JndEgWAPNU1
4BQGB9ySOg2rVvEjDOEhJrYM8A8Pe4kDuSaNLOeYlZ6258HvvgKycgD6G2A5YqhN
SOjxs1O75sAztDwErTx+2XgWzuwqxw1LdHImASH2OVYhx4tyl6NPpNMLInpTI2Ye
4nfHAvy7lw0UclC8eFrqmR3lVKkCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBTu70Z+
8Gemb9EYUJInFYH07TgD+DAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YTg0NTI2ZDctNTAyOS00MzliLTllMTYtMTRjZDYwMWViNWExLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0ABg
gDANBgkqhkiG9w0BAQsFAAOCAQEAWnPSL7SoDipdcwZluZMcrtLea1eV1gA/DbZX
37n+dB8qIKl2ULjYezyZ6InhXbUzagrrCatTDznC5v1XTP3yq4yT8bna3hKEKVc7
ftkGrv8HK+fQNmziCdVK+5NrpRNgcOgJnvsnVMOozRZXDf+NKmsGPAZ14MllB6mS
TZKV6YVfwRk7U5W9eh5pOCR1ZMJgD5JvwFuyj5Ranyu3/RfiW7RPxxhsFReRqZmo
6K3wMNjC89PQUm7BGemjgi6xtQPubamQpswwSabU6XiX8R/vn3QlkyqyNwD2HURI
6OqBRiz0EQNF9f48/UvADy34EFkYpY7kOnxCzWMvKc0BMypIpw==
-----END CERTIFICATE-----
Generated at Tue Oct 28 04:15:10 2025 by rpki-client